I happen to be a professor at a reputed college. I want to design an online exam for over 1000 students via around 50 computers right after the vacation ends. Now the problem is that I have heard that many students use Google on a different tab to find answers when no invigilator is around.

I want to know if there is a way to backtrace it after the exams via some kind of history or any other possible way.

In our university there is a standard system. I am not good with computers but I will try to explain. Each computer uses mozilla to connect to a server centrally located via an IP. The students open it and enter a unique ID and password to start the exams. Many questions are jumbled and different groups of students give exam in a different time slot.

Is there any way to trace it since I want to set an example for students so they won't cheat and give exams in an honest way.

Additional details: Since the number of computers are less than the number of students, more than 10 students are going to use a single computer on a single day over a period of 10 hours. After this, if I check the history (and let's say someone even forgot to delete the history and I see it), will I able to figure out who among the 10 has done it? Moreover, is it even practical and feasible?

What about temporarily redirecting google.com to a page containing: “Don't cheat. We are watching you!”
–
MarcoJun 19 '12 at 7:11

20

Some of the students will use a smartphone to escape your surveillance. The poor ones will have to use sms to their private helpdesks.
–
ott--Jun 19 '12 at 8:26

40

Do you actually need Internet online? Is the exam given through a browser application? At our school, we actually disable the Internet access in the lab when an exam is given, and then students have to get the exam and submit it through a temporary server running on some 198.168.1.xxx. Instead of fighting through the whole proxy thing.... if Internet is not required, just turn it off. There is also ways to make the internet not outgoing....
–
CppLearnerJun 19 '12 at 13:47

27

I have never understood what these sort of exams are supposed to prove. Are we trying to prove that some students can memorize, while others can't? How is that at all useful to problem solving in the real world where access to google is encouraged? Really, I'd suggest completely rethinking the concept of preventing students from searching. What ever happened to trusting people?
–
zzzzBovJun 19 '12 at 14:39

5

so, you want to let them have internet access for the sole purpose of catching them cheating? Sounds like a sting operation...
–
dotjoeJun 19 '12 at 21:13

12 Answers
12

Simple - run the system on a separate network segment (oh you are already, arn't you?). Force everything through a proxy, or disconnect that segment from the internet at large during an exam. There's nothing to stop someone from pasting a bigass cheat sheet on $randompastebinsite, or using their own proxy.

You'll have a MUCH easier time isolating the exam-network from the internet than tracing each and every system one by one. You'd probably need a switch with enough connections for all the systems and just disconnect the uplink port to the internet as needed. You do not want to use wireless for this.

If you insist on doing forensics, there's a few things to try assuming the students haven't thought to clear everything

nirsoft's mozilla history and cache view should let you read the history and cache of a copy of firefox - this would be defeated by clearing private data. Mylastsearch will narrow down searches on search engines.

ipconfig /displaydns in a command line will show all domains accessed. Running ipconfig /dnsflush will clear it - doing it after every student would make sure you can tell which student uses what.

@RobinJ Proxies are not bypassable if the network is designed correctly to prevent this. Journeyman Geek's answer is predicated on the idea that the access is controlled adequately.
–
PaulJun 19 '12 at 14:13

13

And don't forget to tell students to leave the smartphones/tablets at a locker
–
Vinko VrsalovicJun 19 '12 at 14:27

running tabs in private or incognito modes tends to bypass the above concerns, too (ie, that you can monitor what is being accessed)
–
warrenJun 19 '12 at 16:07

1

dosen't bypass /displaydns i think. I'll have to run some tests for fun at some point to see
–
Journeyman Geek♦Jun 19 '12 at 16:19

You can use javascript to detect when the exam webpage loses focus.
You can prompt a warning box that would ask the student to return focus to the window.
and terminate the exam if the student still opts switching tab.

i have faced one online exam that had such kind of protection.
–
tumchaadityaJun 19 '12 at 9:29

5

There are Hacks (or Bypass) to it such as Disabling Javascript..
–
Akshat MittalJun 19 '12 at 13:41

1

@AkshatMittal to get around the Disabling Javascript workaround, what if there was a mechanism setup that used Javascript to ping a server every X many seconds. So if JavaScript was disabled, the server would then not be pinged. After so many pings the test either gets disabled, or flagged. Alternatively, I wonder if setting a variable to a start time, then have another variable that's a second counter. If current time - start time != second counter, then we know JavaScript was disabled. And JavaScript would be needed to submit the test or advance to the next page. An idea anyway.
–
joshaidanJun 19 '12 at 13:48

17

Horribly solution, I'd rather not be accused of cheating for opening notepad to make well.. notes before submitting an answer. For example, my professor here gave us ugly, unindented XML in an online exam which I had to indent in an editor to make it readable.
–
ThiefMasterJun 19 '12 at 16:46

1

@joshaidan Any client-side security is necessarily bypass-able. For example, a student could (though this is extremely unlikely) remove the javascript part that was monitoring them while still answering the pings and allowing the advance/submit.
–
Istvan ChungJun 19 '12 at 17:15

There are ways to do it. When I was a little boy, about 10-15 years ago, my elementary school teacher would give us exam on the computer. But she would sit in front of her master PC, and can actually go right into each computer's desktop (you can see their screens). By telling them that they are actually being monitored, and call out their name once in a while, you will scare them.

Another way is ask yourself whether you need Internet access or not. If you don't, just ask the lab administrator to disable it during the exam. Because this is a university system, you have to go through the administrator. Most of them can actually disable it.

For me, as a CS major, I have to get the file from some 192.168.1.1xx IP, and submit it through that local server. The teacher will get the whole directory packed, and emailed to him.

If you really need Internet access, the only quickest solution is to redirect google, yahoo, bing. And walk around. Go and ask them to pause so you can check their PCs.

Also, you can ask to setup one unified temp account that they can browser any website, but they can't delete anything because they don't have the permission to do so. Or just a temp account that does not have Internet access.

You can ask to allow only XYZ website also. It can be done through the hosts file.

Trust me. There is nothing more effective than walking around and monitor given begging administrator to approve your requirement is like asking for a new job. Keep walking.

The simplest of all the answers I have seen so far is what my college did:

They made use of the Respondus Lockdown browser. You make the student log into the exam using the Lockdown browser only, it then ensures that you can't get out of that browser using any keyboard shortcuts or others well-known methods of forcing it to lose focus. The browser then logs everything you need to know, including any history and like and the student doesn't have the ability to delete anything.

Con: your college will have to pay for a license.

Major pro:

It connects directly into most well-known education content management systems such as Moodle, Blackboard, ANGEL, etc.

You don't have to worry about figuring out all the other solutions posted that involve IT knowledge, as you stated you weren't very good with computers.

quite nice answer... but this will involve blocking them from using other browsers installed on system....and blocking and unblocking application use on 50 computers is quite huge task...
–
tumchaadityaJun 20 '12 at 4:32

If you administer an exam through Blackboard, Moodle, or some of the other major education management systems, it won't let you in unless you're using Respondus Lockdown. So you require the student to install the program and the exam online forces use of the Respondus Browser. It's not a perfect solution and those comfortable hacking executables with a hex editor can delete the restrictions quite simply, but it's the simplest solution and like others have mentioned, if you want to cheat hard enough you'll find a way. Like having your iPad open by your side if your taking this at home online...
–
PaulJun 20 '12 at 21:59

Just Disable google.com for that time, using hosts file or other programs like this. You can also do this via router management console (or router webadmin console - usually 192.168.1.1), this will block it completely over the Network.

1st. All the institutes organize Online exams are hosted on a server inside the campus so the online exam could only be accessed from local network.
In that case the network could be separated & blocked access to internet because the student only need access to online exam portal page.

2nd. If the exams are needed to host over internet & you have to use some Software or Hardware firewall to control the access to unwanted websites. There are plenty of opensource firewalls available based on different platforms like unix,linux, windows.

3rd. Most of the exams hosted over internet & available to public internet access, The questions are already complicated enough that answers are not easily available on internet. So if student will try search answer on internet it will consume lots of his time which again lacks him in exam.These exams are like Open book exams .

Run a server in the local network, where the exams are located on. Disconnect this local network completely from the outer world, so it remains local. There's no way that anyone'll be able to access Google, or anything at all appart from their exam.

Building off of @tumchaaditya answer, I suggest setting up a JavaScript mechanism to watch if the page loses focus, but then also setup a check to see if JavaScript gets disabled. You could either do one of the following:

Setup a mechanism to ping a server every X many seconds. If the server does not receive Y amount of pings, then we know JavaScript was disabled for this particular test. This of course has some issues, such as possible network issues could also cause the pings to not be received. So if a test gets flagged as lost pings, then a procedure should be setup to see whether or not the user cheated.

Alternatively, have all advance to the next page buttons, and the submit test buttons implemented with JavaScript. Have a variable called start_time which stores the start time of the test. Use a second variable called counter that gets incremented every second. When the method to advance the page, or submit the test gets called, check to see that counter = current_time - start_time.

Just a few ideas I thought of, I guess it's possible that (2) may be vulnerable if there are ways to perhaps use debugger tools to change the value of counter.

Most real complex task in modern world require thinking, not memorization. Successfully finding correct reference (Google, cheat sheets, whatever) and using it to solve task at hand is actually encouraged in pretty much any work. Maybe instead of imposing artifical limitations, you should try reworking your exam questions instead.

Right now it sounds as your question are simple memory checks like: recall this historic fact and tell me details, recall this well-known equation or present proof of this well-known theorem. Of course answers for those can easily be found online and copy/pasted on exam.

Change them to require thinking instead: don't ask how to derive force and expect F = ma from memory, ask, for example, what happen if two objects of specific mass and speed will collide head-on and let students think what derivation must be used. Mix and matching several parameters in question will both guarantee that you simply can't find ready answer anywhere and that student did not simply recall words from textbook, but correctly used his knowledge.

I think focusing on the technical solutions of "how to tell if someone is googling from this PC?" is very much starting with a malformed question. If I were a student who was willing to cheat, I'd cheat by holding my iPhone between my legs and googling from there when the proctor was not looking. I'd be surprised if fewer than 75% of students have a smart phone in their possession during the exam.

So maybe rather than focusing on the lab computers, you could "harden" the exam from cheating by looking at the test as one vector of attack and the environment as another. iPhones, Google, note passing, and texting answers are all environmental issues. You can harden the environment by adding more proctors and solve the environment issues. Making the test "google proof" might solve the Google attack either from phone or browser, but that might not be feasible.

tl;dr - Pay attention to the whole "attack surface" not just one aspect of cheating.

I will recommend you to block the Google.com for that time. You can do this through the NoRedirect extension for Firefox. Also you can block it on PC for every browser through the local host. Go to the C:\Windows\System32\Driver\etc and you will see a file named hosts. To edit this file just run the notepad using Run as Administrator and then open the hosts file through it.

Now you have to just type

127.0.0.1 somthing.com
127.0.0.1 www.somthing.com

We are telling our local machine that Yahoo actually exists on the local machine. Any request for www.something.com will be directed to the local machine and therefore effectively blocked.

And this will block that site on your PC for any browser. To know how block site through localhost see my this answer.

I didn't get what exactly you want to do? If you want to set up a honest exam, you can try to switch off an external link. And your students will work only inside the network.

Another way, if you want to catch someone is using Google to cheat an examination. You can use some proxy with logs and some recording system to know when every student will use every computer. After examination you will be able to look for students who used Google to search for something. (You will have a table with IP-addresses and a timing table, who was using this computer)